A Stratified Cyber Security Vigilance Model: An Augmentation of Risk -Based Information System Security
Publication Date
2018-09-14Author
Type
ArticleMetadata
Show full item record
Abstract/ Overview
Information system security in the current interconnected environment called the cyber-space is continually getting more sophisticated. All the players involved- governments, corporates, IS security experts and users, both naïve and sophisticated- all grapple with one big problem: how to decide on what level of security is enough for their information system since the amount of security controls applied must be commensurate with the IS assets being protected. In that regard, many organizations adopt risk-based security, in the hope that it would answer the elusive IS security question, but to no avail. Unfortunately, many such organizations still experience numerous breaches to their Information systems and some even realize they have fallen victims to cyber criminals, long after the actual compromise. It is for this reason that this paper presents a novel security model called Stratified Cyber Security Vigilance (SCSV) model that augments the standard risk-based security approach and demonstrates its ability to improve IS security.